CVE-2017-2625MEDIUMCVSS 5.5v1.1.22018-07-27
CVE-2017-2625 [MEDIUM] CWE-331 CVE-2017-2625: It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. O
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.
cvelistv5nvd